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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however/may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

Responsive to communication(s) filed on 24 May 2006 . 
2a)D This action is FINAL. 2b)^ This action is non-final. 

3) Q Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) S Claim(s) 1 - 10. 13 - 22 and 25 - 33 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) ^ Claim(s) 1 - 10. 13 - 22 and 25 - 33 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
11 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)Q None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1) Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) □ Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 5 > □ Notice of Informal Patent Application (PTO-152) 

Paper No(s)/Mail Date . 6) Q Other: . 

U.S. Patent and Trademark Office 

PTOL-326 (Rev. 7-05) Office Action Summary Part of Paper No./Mail Date 20060810 
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DETAILED ACTION 

1 . Claims 1 - 10, 13 - 22 and 25 - 33 are presented for examination. 



Claim Rejections - 35 USC § 101 



2. Claims 13 - 22 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. 

3. Claim 13 recites "a computer-readable storage medium storing instructions" which in the 
Applicant's specification also encompasses computer instruction signals embodied in a 
transmission medium with or without a carrier wave upon which the signals are modulated, page 
7 of Applicant's specification. 

4. The evidence points to the medium being intended to cover electromagnetic signals. The 
current Office position is that signals are a form of energy, not a machine, manufacture, 
composition of matter or process. Applicant must amend this claim. 



Claim Rejections - 35 USC § 112 



5. The following is a quotation of the first paragraph of 35 U.S.C. 1 12: 

The specification shall contain a written description of the invention, and of the manner and process of making 
and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and use the same and shall set forth the best mode 
contemplated by the inventor of carrying out his invention. 

6. Claims 7, 19 and 31 are rejected under 35 U.S.C. 112, first paragraph, as failing to 
comply with the written description requirement. The claim(s) contains subject matter which 
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was not described in the specification in such a way as to reasonably convey to one skilled in the 
relevant art that the inventor(s), at the time the application was filed, had possession of the 
claimed invention. The limitation of, "checkpointing the updated running message digest to a 
location outside of the first server" is not disclosed in the specification., Applicant is asked to 
point to the specification and drawing to where this limitation can be interpreted as or Amend 
this limitations out. 



Claim Objections 



7. Claims 5, 17 and 29 8, 20 and 32 are objected to under 37 CFR 1 .75(c), as being of 
improper dependent form for failing to further limit the subject matter of a previous claim. 
Applicant is required to cancel the claim(s), or amend the claim(s) to place the claim(s) in proper 
dependent form, or rewrite the claim(s) in independent form. Claims 5, 17 and 29 recite the 
limitation of, "establishing the active secure communication session involves establishing a 
secure sockets layer (SSL) connection with the client," is already stated in the independent 
claims. 

8. Claims 8, 20 and 32 recite the limitation of, "if the state information for the active secure 
communication session is retrieved, purging the state information from a location from which the 
state information was retrieved, so that the state information cannot be subsequently retrieved by 
another server in the plurality of servers," is already stated in the independent claims. 
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Claim Rejections - 35 USC § 103 

9. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

10. Claims 1 - 5, 8, 9, 13 - 17, 20, 21, 25-29 and 32 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Abramson et al. (6539494) (hereinafter Abramson) in view of Purpura 
(6421768). 

11. As per claim 1, as closely interpreted by the Examiner, Abramson teaches a method for 
sharing a secure communication session with a client between a plurality of servers, comprising: 

12. receiving a message from the client at a first server in the plurality of server, the message 
including a session identifier that identifies a secure communication session with the client, (e.g., 
col. 5, line 31 - col. 6, line 14); and 

13. if the session identifier does not correspond to an active secure communication session on 
the first server, establishing an active secure communication session with the client on the first 
server by, (e.g., col. 5, line 31 - col. 6, line 14), 

14. attempting to retrieve state information associated with the session identifier for an active 
secure communication session between the client and a second server from the plurality of 
servers by the first server, wherein the state information includes encryption keys used to encrypt 
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communications between the client and the second server, wherein the first server is different 
from the second server, (e.g., col. 5, line 31 - col. 6, line 14), 

15. if the state information for the active secure communication session is retrieved, using the 
state information including the encryption keys to share the active secure communication session 
established between the client and the second server for subsequent communications between the 
client and the first server, (e.g., col. 5, line 31 - col. 6, line 14), 

16. if the state information for the active secure communication session is not retrieved, 
communicating with the client to establish the active secure communication session with the 
client, (e.g., col. 5, line 3 1 - col. 6, line 14). 

1 7. Abramson does not specifically teach without having to set up a new secure 
communication session between the client and the first server, wherein the sate information is 
purged from the second server after the state information is retrieved by the first server, wherein 
sharing the active secure communication session allows SSL session to be simultaneously shared 
by multiple servers. 

1 8. Purpura teaches without having to set up a new secure communication session between 
the client and the first server, (e.g., col. 6, lines 12 - 45), wherein the sate information is purged 
from the second server after the state information is retrieved by the first server, wherein sharing 
the active secure communication session allows SSL session to be simultaneously shared by 
multiple servers, (e.g., col. 6, line 46 - col. 7, line 21, "shared key expiration date/time"). It 
would have been obvious to one of ordinary skill in the art at the time the invention was made to 
combine Purpura with Abramson because purging data after a specific amount of time enables 
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the system to free up memory space for new sessions that are being created. Furthermore, 
utilizing SSL in a system is well known in the art to enhance security of packet transmission. 

19. Referencing claim 2, as closely interpreted by the Examiner, Abramson teaches 
attempting to retrieve the state information includes: 

20. attempting to use the session identifier to identify the second server in the plurality of 
servers that has an active secure communication session with the client that corresponds to the 
session identifier, (e.g., col. 5, line 31 - col. 6, line 14); and 

21. attempting to retrieve the state information from the second server, (e.g., col. 5, line 31 - 
col. 6, line 14). 

22. Referencing claim 3, as closely interpreted by the Examiner, Abramson teaches 
attempting to retrieve the state information involves attempting to retrieve the state information 
from a centralized repository that is in communication with the plurality of servers, (e.g., col. 5, 
line 31 - col. 6, line 14). 

23. Referencing claim 4, as closely interpreted by the Examiner, Abramson teaches the 
centralized repository includes a database for storing the state information, (e.g., col. 3, lines 24 
- 65 & col. 4, lines 5 -17). 

24. Referencing claim 9, as closely interpreted by the Examiner, Abramson teaches initially 
establishing an active secure communication session between the client and the second server, 



Application/Control Number: 09/539,266 Page 7 

Art Unit: 2143 

the active secure communication session being identified by the session identifier, (e.g., col. 3, 
lines 24 - 65 & col. 4, lines 5-17). 

25. Claims 5, 8, 9, 13 - 17, 20, 21, 25 - 29 and 32 are rejected for similar reasons as stated 
above. 

26. Claims 6, 7, 10, 18, 19, 22, 30, 31 and 33 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Abramson and Purpura as applied to claims 1,13 and 25 above, and in further 
view of Fielder et al. (6105133) (hereinafter Fielder). 

27. As per claim 6, Abramson teaches the state information includes: 

28. the session identifier for the secure communication session, (e.g., col. 3, lines 24 - 65 & 
col. 4, lines 5-17). Abramson does not teach a session encryption key for the secure 
communication session; 

29. a running message digest for the secure communication session. Purpura teaches a 
session encryption key for the secure communication session, (e.g., col. 7, lines 6-21). 

30. Fielder teaches a running message digest for the secure communication session, (e.g. col. 
2, line 60 - col. 3, line 42). It would have been obvious to one skilled in the art at the time the 
invention was made to combine Fielder and Purpura with Abramson because it would make the 
transferring of information more secure because of the functionality of running message digest 
adding a signature to identify and authenticate the sender and message of the transferred 
information. 
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31. As per claim 7, Abramson and Purpura do not teach using the message to update the 
running message digest; and 

32. checkpointing the updated running message digest to a location outside of the first server. 
Fielder teaches using the message to update the running message digest, (e.g. col. 2, line 60 - 
col. 3, line 42); and 

33. checkpointing the updated running message digest to a location outside of the first server, 
(e.g. col. 2, line 60 - col. 3, line 42). It would have been obvious to one skilled in the art at the 
time the invention was made to combine Fielder with the combine system of Abramson and 
Purpura because it would be more efficient for the message to update the running message digest 
so when a server with new information pertaining to state information occurs, the entire network 
will be able to access this information and utilize it in new secure data transfer, as appose to 
having to send a separate set of information to update the running message digest on each device, 
causing more traffic on the network. 

34. As per claim 10, Abramson and Purpura do not teach attempting to retrieve the state 
information includes authenticating and authorizing the first server. Fielder teaches attempting to 
retrieve the state information includes authenticating and authorizing the first server, (e.g. col. 1, 
lines 31 - 44). It would have been obvious to one skilled in the art at the time the invention was 
made to combine Fielder with the combine system Abramson and Purpura because it would 
make a system more secure if the receiver of the information could be authorized to the 
information by authenticating the information that was sent from the first server. Furthermore, it 
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would make the information more difficult for other system to try and access the information 
without having the authentication and authorized access to the information. 

35. Claims 18, 19, 22, 30, 31 and 33 are rejected for similar reasons as stated above. 

Response to Arguments 

36. Applicant's arguments with respect to claims 1 - 10, 13 - 22 and 25 - 33 have been 
considered but are moot in view of the new ground(s) of rejection. 

Conclusion 

37. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

38. a. Allen U.S. Patent No. 6877095 discloses Session-state manager. 

39. b. Micali U.S. Patent No. 6026163 discloses Distributed split-key cryptosystem and 
applications. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to David E. England whose telephone number is 571-272-3912. 
The examiner can normally be reached on Mon-Thur, 7:00-5:00. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David A. Wiley can be reached on 571-272-3923. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



David E. England 

Examiner 

Art Unit 2143 
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